Even if you want to be part of the class action lawsuit against Equifax, you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee.

The bot, which launched in all 50 states in July, is mainly known for helping with parking tickets. But with this new update, its creator, Joshua Browder, who was one of the 143 million affected by the breach, is tackling a much bigger target, with larger aspirations to match. He says, “I hope that my product will replace lawyers, and, with enough success, bankrupt Equifax.”

Not that the bot helps you do anything you can’t already do yourself, which is filling out a bunch of forms — you still have to serve them yourself. Unfortunately, the chatbot can’t show up in court a few weeks later to argue your case for you either. To add to the headache, small claims court rules differ from state to state. For instance, in California, a person needs to demand payment from Equifax or explain why they haven’t demanded payment before filing the form.

Attorney Scott Nelson, from the advocacy organization Public Citizen, says he isn’t convinced a chatbot can successfully win a lawsuit. “I am not inclined to think it would be a panacea. Filing and winning a small claims case takes more than just filling in a form.”

I agree with this top Reddit comment:To be honest I have an Art History Degree and am head of IT at my company. I know far more about security than a lot of IT staff around me. What you went to college for doesn't matter as much as how you use it.

I also saw a headline that the executives who sold all those shares before the news came out are now being investigated for insider trading. Their story is that they didn't know about the hack at the time they sold the shares.

wags83 wrote:Source of the post I also saw a headline that the executives who sold all those shares before the news came out are now being investigated for insider trading. Their story is that they didn't know about the hack at the time they sold the shares.

Equifax customer service has been directing victims to a fake phishing siteIn a tweet to a potential victim, the credit bureau linked to securityequifax2017.com, instead of equifaxsecurity2017.com. It was an easy mistake to make, but the result sent the user to a site with no connection to Equifax itself. Equifax deleted the tweet shortly after this article was published, but it remained live for nearly 24 hours.

Luckily, the alternate URL Equifax sent the victim to isn’t malicious. Full-stack developer Nick Sweeting set up the misspelled phishing site in order to expose vulnerabilities that existed in Equifax's response page. “I made the site because Equifax made a huge mistake by using a domain that doesn't have any trust attached to it [as opposed to hosting it on equifax.com],” Sweeting tells The Verge. “It makes it ridiculously easy for scammers to come in and build clones — they can buy up dozens of domains, and typo-squat to get people to type in their info.” Sweeting says no data will leave his page and that he "removed any risk of leaking data via network requests by redirecting them back to the user's own computer," so hopefully data entered on his site is relatively safe. Still, Equifax's team linked out to his page. That isn't reassuring.

The guy who made the site was on Reddit yesterday talking about it. Equifax is lucky he made the site just to set an example. Why would Equifax ever use that domain in the first place?! It seems so sketchy